Cybercrime – why it matters to you01 February 2016
Academy Associate Mark Johnson explains why you should be paying attention - particularly following reports that cyber security and fraud are only regularly discussed at around a third of board meetings.
One of the questions often asked in relation to cybercrime is, ‘So what? How does it really affect me?’ In fact, whether we are thinking in terms of the protection of sensitive personal data, or at the level of corporate and national security, the effects of cybercrime can be very significant.
In order to understand the true nature of this threat, it helps if you focus less on computer technology and more on how that technology is being used to deliver goods and services. These applications are evolving at lightning speed.
Take robotics, for example. From the Amazon delivery drones currently being trialled, to driverless cars, industrial robots and even fridges that can re-order stock autonomously, the world is rapidly becoming home to a new species; the smart device. Many of these devices already hold sensitive personal data, location information and financial data, such as their owner’s credit card information. And most of these devices are internet-connected.
When one remembers that virtually everything on the internet is potentially hackable, the risks become clearer. The so-called ‘internet of things’ (IoT) is becoming a reality and that means that cybercrime is becoming an ever more important threat.
If you purchase a smart fridge you are not merely adding another device to the internet but one that reveals details about you to a hacker, details that could be used to map your lifestyle and trick you into revealing even more data.
In 2014 a smart fridge was even discovered sending out spam after a web attack managed to compromise a range of supposedly smart gadgets, including media PCs and smart TV sets. The hacked fridge was one of more than 100,000 devices used to take part in that single spam campaign.
An internet-connected car is also potentially hackable. In July 2015, Fiat Chrysler had to issue a safety recall affecting 1.4m vehicles in the US after security researchers demonstrated that one of the firm’s internet-connected cars could be hacked. The car’s control systems could be reached via a hack into the entertainment system.
An internet-connected car is likely to have several on-board systems that hold sensitive personal data. The GPS system will store both your home address and a list of your recent or saved trips. A hacker will know where you live, where you go, when you are likely to be out and where you might be at a given time, while in-built communications systems are likely to hold contact details for you and for others, including names, addresses, phone numbers, emails and even birth dates.
Add to all of this the fact that more than 25 percent of serious frauds in the UK now involve some form of cybercrime activity and the security implications of these evolving technologies become more apparent.
Once we grasp the real-world risks that those esoteric cyber technologies can introduce to our daily lives, the rationale for cyber-security awareness training becomes more obvious. Not only do police officers need to become better at spotting and investigating cybercrimes, but managers in all industries and sectors, and at all levels, need to start factoring cyber-security and cybercrime risks into their normal planning and decision-making processes. It is a topic with that brings with it implications for everything from product design to insurance and from marketing to payment processing. Cybercrime is here to stay and the time to develop your own level of awareness is now.
About the author
Mark Johnson is a cybercrime and security awareness trainer who has worked with clients worldwide over a 30-year period. He is a former military intelligence officer, recruit training officer, drug enforcement operative and head of high tech fraud control for several global communications firms.
Mark is also the author of four books, two on the topic of high technology risks in the modern era and two military histories. He is a member of faculty with several accredited public training companies and he works closely with the UK Police and the Home Office on awareness training and consulting engagements. His main focus is on explaining high tech crime risks to non-technical decision makers. Mark can be contacted at firstname.lastname@example.org
Mark is working with the Economic Crime Academy to deliver a course on Cyber Enabled Fraud aimed at demystifying this complex area - click here to find out moreView All News